All the ACIs under a single suffix in the directory can be viewed from the command line by using the following
ldapsearch -x -D bind_dn -w password -p server_port -h server_hostname (aci=*) aci
From the Directory Server Console, all of the ACIs that apply to a particular entry can be viewed through the Access Control Manager.
Start the Directory Server Console.
In the Directory tab, right-click the entry in the navigation tree, and select Set Access Permissions.
Check the Show Inherited ACIs check box to display all ACIs created on entries above the selected entry that also apply.